package com.gxc.authcore.system.controller;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.servlet.ModelAndView;

import com.gxc.authcore.client.cache.AuthCacheClient;
import com.gxc.authcore.system.cache.AuthCache;
import com.gxc.authcore.system.domain.User;
import com.gxc.authcore.system.service.UserService;
import com.gxc.authcore.system.util.AuthInfo;
import com.gxc.authcore.system.util.CurrentUtil;
import com.gxc.authcore.system.util.ParamUtil;
import com.gxc.authcore.system.util.SerializeUtil;
import com.gxc.webcore.util.JsonUtil;
import com.gxc.webcore.util.RequestUtil;
import com.gxc.webcore.util.StringUtil;

@Controller("common/authController")
public class AuthController {

	@Autowired
	private UserService userService;

	/**
	 * 登陆页面
	 * 
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	@SuppressWarnings({ "unchecked", "rawtypes" })
	public ModelAndView login(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		Map model = new HashMap();
		// 判断用户是否已经登录
		// 待续...

		// 请求的参数
		Map params = RequestUtil.getInMap(request);
		// 获取认证后的跳回上次的请求地址
		String clientRequestUrl = (String) params.get("clientRequestUrl");
		if (clientRequestUrl != null && !clientRequestUrl.trim().equals("")) {
			params.remove("clientSystemUrl");
			model.put("clientRequestUrl", clientRequestUrl);
			model.put("params", params);
		}
		return new ModelAndView("default/login.vm", model);
	}

	/**
	 * 登录
	 * 
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	@SuppressWarnings({ "unchecked", "rawtypes" })
	public ModelAndView do_login(HttpServletRequest request,
			HttpServletResponse response) throws Exception {

		String username = request.getParameter("username");
		String password = request.getParameter("password");
		Map result = new HashMap();

		// 获取登录用户信息
		User user = userService.retrieve(username);
		// 验证用户信息
		if (user == null) {
			result.put("status", "failed");
			result.put("data", "该用户不存在。");
		} else {
			// 验证密码
			String db_password = user.getPassword();
			if (db_password == null || !db_password.equals(password)) {
				result.put("status", "failed");
				result.put("data", "用户账号与密码不匹配。");
			} else {
				// 注销已登陆的用户
				// 待续...

				// 登录用户计入缓存
				AuthInfo authInfo = AuthCacheClient.setAuthInfo(username);
				result.put("status", "success");
				result.put("data", authInfo.getAuthid());
				// 设置session
				request.getSession().setAttribute("authid",
						authInfo.getAuthid());
			}
		}
		String jsonString = JsonUtil.object2json(result);
		response.getWriter().write(jsonString);
		return null;
	}

	/**
	 * 注销
	 * 
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	public ModelAndView do_logout(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		// 缓存中删除此用户
		String authid = CurrentUtil.getAuthid();
		if (!StringUtil.isTrimEmpty(authid)) {
			AuthCache.remove(authid);
		}
		request.getSession().removeAttribute("authid");
		request.getSession().invalidate();
		response.sendRedirect(ParamUtil.get("url_local")
				+ "/common/auth/login.do");
		return null;
	}

	/**
	 * 登陆成功后跳转
	 * 
	 * @param request
	 * @param response
	 * @return
	 * @throws Exception
	 */
	@SuppressWarnings("rawtypes")
	public ModelAndView do_redirect(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		Map params = RequestUtil.getInMap(request);
		// 获取认证后的跳回上次的请求地址
		String clientRequestUrl = (String) params.get("clientRequestUrl");
		if (clientRequestUrl != null && !clientRequestUrl.trim().equals("")) {
			params.remove("clientRequestUrl");
			response.sendRedirect(clientRequestUrl
					+ SerializeUtil.serializeParam(params));
		}
		return null;
	}

}
